From 2a22189222f722e8a9eee55fbc60dbead4ead6f4 Mon Sep 17 00:00:00 2001
From: Federico Di Pierro
Date: Thu, 27 Apr 2023 10:01:11 +0200
Subject: [PATCH] chore(ci): added AWS ECR login to reusable_publish_docker.

Signed-off-by: Federico Di Pierro
Co-authored-by: Luca Guerra
---
 .../workflows/reusable_publish_docker.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/.github/workflows/reusable_publish_docker.yaml b/.github/workflows/reusable_publish_docker.yaml
index ed5a113e..3263484d 100644
--- a/.github/workflows/reusable_publish_docker.yaml
+++ b/.github/workflows/reusable_publish_docker.yaml
@@ -2,6 +2,13 @@
 on:
 workflow_call:
+permissions:
+ id-token: write
+ contents: read
+
+env:
+ AWS_S3_REGION: eu-west-1
+
 jobs:
 publish-docker:
 runs-on: ubuntu-latest
@@ -24,6 +31,18 @@ jobs:
 with:
 username: ${{ secrets.DOCKERHUB_USER }}
 password: ${{ secrets.DOCKERHUB_SECRET }}
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ role-to-assume: "arn:aws:iam::292999226676:role/github_actions-falco-ecr"
+ aws-region: ${{ env.AWS_S3_REGION }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr-public
+ uses: aws-actions/amazon-ecr-login@2f9f10ea3fa2eed41ac443fee8bfbd059af2d0a4 # v1.6.0
+ with:
+ registry-type: public
 - name: Login to Amazon ECR Public
 run: |
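Review bot: `id-token: write` is granted at workflow level in the first hunk, so every job in this reusable workflow can request an OIDC token, although only the credential step in `publish-docker` needs one; moving the `permissions:` block under `jobs.publish-docker` keeps the grant scoped to that job. Because the file is invoked through `workflow_call`, the calling job must itself allow `id-token: write` (a called workflow cannot raise the caller's token permissions), which deserves a comment above the block such as `# callers must grant id-token: write; needed for the OIDC role assumption below`. The variable name `AWS_S3_REGION` is also misleading, since in this patch the value is only consumed by the credential/ECR login steps and nothing S3-related is visible.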
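Review bot: `aws-actions/configure-aws-credentials@v2` in the second hunk is referenced by a movable tag, while the ECR login action right after it is pinned to a full commit SHA; in a job that holds the Docker Hub secrets and can request an OIDC token, this step should be pinned the same way, `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v2`. The region handed to it is `eu-west-1`, and as far as I know ECR Public authorization tokens are only issued from `us-east-1`, so the `registry-type: public` login may fail unless the region is overridden for that step; this is worth confirming on a test run. The new `Login to Amazon ECR` step also looks redundant with the existing `Login to Amazon ECR Public` run step, whose body lies outside the hunk. The trust policy of the assumed role is not visible here; it should restrict the token's `sub` claim to this repository and to the refs that are allowed to publish.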